CVE-2004-0067

Phpgedview < 2.65 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1.

Exploits (14)

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24837

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24830

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24814

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24819

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24835

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24829

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24834

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24822

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24821

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24820

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24816

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24831

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24832

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappsphp

https://www.exploit-db.com/exploits/24810

View Code ZIP pw:eip

References (26)

[Mailing List] http://marc.info/?l=bugtraq&m=107394912715478&w=2

[Vendor Advisory] http://secunia.com/advisories/26628

[Third Party Advisory, VDB Entry] http://www.osvdb.org/3473

[Third Party Advisory, VDB Entry] http://www.osvdb.org/3474

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/2995

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/14212

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36285

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/477881/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11868

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11880

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11882

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11888

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11890

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11891

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11894

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11903

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11904

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11905

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11906

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/11907

... and 6 more

Scores

EPSS 0.0148

EPSS Percentile 80.8%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

phpgedview/phpgedview < 2.65

Timeline

Published Feb 17, 2004

Tracked Since Feb 18, 2026